CentOS 7 -- Squid 3.5.20

CentOS 7 -- Squid 3.5.20

Good morning all,

I installed Squid from the main CentOS repos, and I noticed that ssl_crtd is missing from the package (making SSL inspection broken). I’ve found a thread
on serverfault in which someone just recommend downloading and installing squid-helpers.rpm from a third party repo, but that is unfortunately not permissible in my circumstance.

NOTICE:
This e-mail is intended solely for the use of the individual to whom it is addressed and may contain information that is privileged, confidential or otherwise exempt from disclosure. If the reader of this e-mail is not the intended recipient or the employee
or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please immediately
notify us by replying to the original message at the listed email address.

I installed Squid from the main CentOS repos, and I noticed that ssl_crtd is missing from the package (making SSL inspection broken). I’ve found a thread
on serverfault in which someone just recommend downloading and installing squid-helpers.rpm from a third party repo, but that is unfortunately not permissible in my circumstance.

NOTICE:
This e-mail is intended solely for the use of the individual to whom it is addressed and may contain information that is privileged, confidential or otherwise exempt from disclosure. If the reader of this e-mail is not the intended recipient or the employee
or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please immediately
notify us by replying to the original message at the listed email address.

Thank you
Oklahoma Employees Credit Unionhttp://www.oecu.org
______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
______________________________________________________________________

______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
______________________________________________________________________

You cannot install squid-helpers rpm without the squid rpm from the repo
since your main squid binaries will be missing the core functionality of
bumping ssl connections.
The ssl_crtd is just a helper software which can be written by the squid
team or by someone else.
It happens so the Squid-Cache team found it unreasonable to release an
helper api without the helper itself.
Squid main function is a simple forward proxy without any ssl
bumping\interception and also since it's illegal in more than some places on
the globe to use ssl-bump, I decided package it as a helper
You can use the RPMS or SRPMS from my repository just get into:
http://ngtech.co.il/repo/centos/7/

and find your way in the folder.
If you need more help I am here for it.

I installed Squid from the main CentOS repos, and I noticed that ssl_crtd is
missing from the package (making SSL inspection broken). I’ve found a thread
on serverfault in which someone just recommend downloading and installing
squid-helpers.rpm from a third party repo, but that is unfortunately not
permissible in my circumstance.

NOTICE:
This e-mail is intended solely for the use of the individual to whom it is
addressed and may contain information that is privileged, confidential or
otherwise exempt from disclosure. If the reader of this e-mail is not the
intended recipient or the employee or agent responsible for delivering the
message to the intended recipient, you are hereby notified that any
dissemination, distribution, or copying of this communication is strictly
prohibited. If you have received this communication in error, please
immediately notify us by replying to the original message at the listed
email address.

______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com______________________________________________________________________

______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com______________________________________________________________________

Re: CentOS 7 -- Squid 3.5.20

Thank you very much for the info.

What's weird is that the "squid -v" output from the CentOS distribution has the "--with-openssl" and "--enable-ssl_crtd" flags enabled! I just assumed that it was capable of SSL stuff since I saw that.

I went ahead and just compiled it per Tommy's suggestion earlier in the day. (I even used the output of the "squid -v" command from the prebuilt CentOS version.) Had a little trouble figuring out the permissions/folder/Squid user stuff (since that stuff is done automatically when installing from repos), but it seems to be up and running now.

You cannot install squid-helpers rpm without the squid rpm from the repo since your main squid binaries will be missing the core functionality of bumping ssl connections.
The ssl_crtd is just a helper software which can be written by the squid team or by someone else.
It happens so the Squid-Cache team found it unreasonable to release an helper api without the helper itself.
Squid main function is a simple forward proxy without any ssl bumping\interception and also since it's illegal in more than some places on the globe to use ssl-bump, I decided package it as a helper You can use the RPMS or SRPMS from my repository just get into:
http://ngtech.co.il/repo/centos/7/

and find your way in the folder.
If you need more help I am here for it.

I installed Squid from the main CentOS repos, and I noticed that ssl_crtd is missing from the package (making SSL inspection broken). I’ve found a thread on serverfault in which someone just recommend downloading and installing squid-helpers.rpm from a third party repo, but that is unfortunately not permissible in my circumstance.

NOTICE:
This e-mail is intended solely for the use of the individual to whom it is addressed and may contain information that is privileged, confidential or otherwise exempt from disclosure. If the reader of this e-mail is not the intended recipient or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please immediately notify us by replying to the original message at the listed email address.

______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com ______________________________________________________________________

______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com ______________________________________________________________________